[SOLVED] Error with cookies maybe?

[tomjung09]

Hi, I am trying to write a login script.  Unfortunately it is not working and I am not getting any errors returned.  I have been looking at the code forever and can't seem to figure it out and I was hoping maybe someone could see what I am not.

 

Also, I am really rusty on cookies, so if I am setting my cookies wrong, please let me know.

<?php require_once 'salvagedrides.php'; //connects to the database I haver verified that it works.
session_start();

$un = $_POST['txtusername'];
$pw = $_POST['txtpassword'];
mysql_select_db($database_sr, $sr);
$query2 = "SELECT password FROM sr_users WHERE username = '$un'";
$result2 = mysql_query($query2, $sr) or die(mysql_error());
$row2 = mysql_fetch_assoc($result2);
if($row2['password'] == $pw){ //login successfull set cookie and session
    if(isset($_COOKIE['user_ID'])){
$_COOKIE['user_ID'] = $un;}
else{
$twomonths = 5184000 + time(); 
setcookie('user_ID', $un, $twomonths); 
}
$_SESSION['user_ID'] = $un;

//Redirect to their account page
//301 Moved Permanently - Forget the old page existed
//302 Found - Use the same method (GET/POST) to request the specified page.
//303 See Other - Use GET to request the specified page. Use this to redirct after a POST.
//307 Temporary Redirect - Good for response to POST.
redirect("account.php",301);
}
else{//Return to login page
redirect("login.php?msg=invalid",301);
}
?>

 

 

[jackpf]

So what's not working?

 

$_COOKIE['user_ID'] = $un;

Also, what's that supposed to be doing?

[tomjung09]

Ah, sorry, the redirect is not working as far as I can tell, I'm not sure the if/then statements are working.  But it definitely does not get to the pages it's supposed to redirect to.

 

And $_COOKIE['user_ID'] = $un; is supposed to set a cookie with the user's username  txtusername is the name of the input box on the login page.

[tomjung09]

Yes, I tested it without the if/then statements, the redirect does not work for sure.  Any idea why?

[jackpf]

You need to use the setcookie() function to set cookies, they're not quite the same as sessions.

 

And by the looks of things, the user is supposed to be redirected if the password doesn't match. I take it that redirect() is your own function?

[tomjung09]

Ah, 2 things, first of all, I am an idiot.  I thought I was looking at a webpage that was explaining php functions.  I didn't realize they had a function that went with it.  I changed that to the header() function and it worked just fine.

 

Second, if the cookie is already set, I am just updating its value.  If it isn't set, I am using the setcookie() function.  Am I doing that part right?

[jackpf]

Yeah, but by doing $_COOKIE['something'] = 'something' you're only updating the value in the array of $_COOKIE. If you actually want to set/update a cookie, you have to use the setcookie() function.

[tomjung09]

Right right, got ya, thank you for your help!

[jackpf]

No problem.